Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Security testing method and system

A technology of security testing and testing modules, applied in the field of information security, can solve the problems of time-consuming and laborious sampling and testing of cryptographic chips, complex observation and control registers, and not batch testing, etc., to achieve strong usability and practicability, high degree of automation, The effect of small area overhead

Active Publication Date: 2015-05-27
南方电网互联网服务有限公司
View PDF3 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, due to the high difficulty of introducing effective faults and the complexity of observing and controlling register values, security testing against fault injection attacks requires several days or even longer testing time for an experienced test engineer, so The test of cryptographic chips is still a time-consuming and laborious sampling test rather than a batch test

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security testing method and system
  • Security testing method and system
  • Security testing method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0026] figure 1 The implementation flow of the security testing method provided by Embodiment 1 of the present invention is shown, and the process of the method is described in detail as follows:

[0027] In step S101, a soft fault simulation platform is established.

[0028] In the embodiment of the present invention, in order to filter out the sensitive registers used for inserting the scan chain, a soft fault test simulation platform is built through SynopsysVCS software and Perl script.

[0029] In step S102 , based on the soft fault simulation platform, combined with the fault injection attack of the encryption algorithm, the fault-sensitive registers are screened out.

[0030] Specifically, as shown in Figure 2:

[0031] Step 1. Select multiple sets of random input values ​​for the gate-level netlist, and perform circuit encryption simulation to obtain the simulation output value;

[0032] Step 2. assigning the simulation output value to a reference value;

[0033] S...

Embodiment 2

[0067] Figure 5 The composition structure of the safety test system provided by the second embodiment of the present invention is shown, and for the convenience of description, only the parts related to the embodiment of the present invention are shown.

[0068] The security testing system can be a software unit, a hardware unit, or a combination of software and hardware built into terminal equipment (such as personal computers, laptops, tablet computers, smart phones, etc.), or integrated into terminal equipment as an independent pendant or In the application system of the terminal equipment.

[0069] The safety testing system includes:

[0070] The simulation platform establishment unit 51 is used to establish a soft fault simulation platform;

[0071] The register screening unit 52 is used to screen out fault-sensitive registers based on the soft fault simulation platform and in combination with the fault injection attack of the encryption algorithm;

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of information security, and provides a security testing method and a security testing system. The security testing method comprises the following steps: establishing a soft fault simulation platform; based on the soft fault simulation platform and with the combination of fault injection attack of an encryption algorithm, screening a register with fault sensitivity; inserting the screened register into a scanning chain, simulating fault injection attack in a testing mode, and comparing the testing result with a pre-stored reference value to determine the security property of a circuit. The security testing method and the security testing system are applicable to in-batch testing on crypto chips, and the security property of the crypto chips can be effectively improved.

Description

technical field [0001] The invention belongs to the technical field of information security, and in particular relates to a security testing method and system. Background technique [0002] With the rapid development of information technology, the importance of information security is becoming more and more prominent. Electronic chip devices such as mobile phones, bank cards, electronic passports and citizen ID cards are being more widely used in various occasions. Existing electronic chip devices generally ensure information security through encryption algorithms stored in the chip. However, chips implemented based on semiconductor hardware have been seriously threatened by fault injection attacks. [0003] Fault injection attack is a method of artificially injecting certain faults and analyzing the key information according to the fault transmission mechanism and encryption / decryption results. The most common fault injection attack methods include: introducing transient p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/26H04L29/06
Inventor 周剑斌李慧云邵翠萍徐国卿李大为罗鹏
Owner 南方电网互联网服务有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products